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REMARKS 

Claims 1-59 are pending and stand rejected. Claims 1 ,4-7, 11-14, 18-21 , 35-30, 
32^*0, 42-44, 49, 54, and 59 have been amended. 

Claim Objections: The Examiner objected to Claims 4, 5, 1 1 , and 33-36 noting 
a number of typographical errors. Those claims have been amended to address the 
Examiner's concerns. 

CLAIM REJECTIONS -35 USC § 102: The Examiner rejected Claims 1-3, 5-10, 14- 
18, 21-29, and 44-50 as being anticipated by USPN 6,463,474 issued to Fuh. To 
properly support a § 102 rejection, the cited reference must teach or suggest the 
combination of elements as set forth in required in a rejected claim. 

Fuh is directed to a method for enabling a router (210) (in lieu of an 
authentication server) to authenticate a client (306) attempting to access a network 
resource (222). See, e.g., Fuh, Abstract and Fig. 4. Fuh, Fig. 4 is reproduced below: 
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The following summarizes the method taught by Fuh. The router (21 0) receives 
a request from a client (306) to forward a packet to a network resource labeled as target 
server (222). Fuh, Fig. 7A, step 702. Router (210) examines the packet to determine if 
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the IP address of the client (306) is found in a filtering mechanism. Fuh, Fig. 7A, steps 
704 and 706. Assuming that it is, router (210) searches its authentication caches for 
that IP address. Fuh, Fig. 7A, step 708. If found, the router (210) passes the packet on 
to the network resource (222). Fuh f Fig. 7A, steps 710 and 712. If not found, the router 
(222) creates a new authentication cache, requests and receives authentication/log-in 
information from Hie client (306), and authenticates the client (306) with a remote 
authentication server (218) using the log-in information. Fuh, Fig. 7B, steps 720-728. 
Assuming that authentication is successful, the router (222) updates the newly created 
authentication cache with data received from the authentication server (218), 
reconfigures itself, and sends a reload instruction back to the client (306). Fuh, Fig. 7B, 
steps 730-740. At this stage, the router (222) can locally authenticate the client (306) 
without needing to access the remote authentication server (21 8). 

Claim 1 is directed to a method for providing a first network resource access to a 
second network resource and recites the following acts: 

1. beating a profile using profile data obtained from a client device, the 
profile containing data for identifying and for accessing the second 
network resource; 

2. supplying the profile to the second network resource; 

3. receiving, from the second network resource, temporary credentials for 
accessing the second network resource and generated according to the 
profile; and 

4. providing the first network resource with the temporary credentials so that 
the first network resource can provide the second network resource with 
the temporary credentials to access the second network resource on 
behalf of the client device. 

Claim 1 , as amended includes one or more limitations not taught or suggested by Fuh. 
Fuh does not teach locating, providing, and using a profile that includes data for 
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identifying a second network resource in the manner required by Claim 1. Instead Fuh 
teaches that a client (306) is used to pass a user name and password pair to an 
authentication server (218), That authentication server (218) returns to the router (222) 
data in a profile matching the user name/password pair. The router (222) stores that 
data in an authentication cache associated with an IP address for the client (316). The 
Examiner equates Fun's authentication server (218) with the identification service of 
Claim 1. Even assuming the Examiner's position as true, Fuh's authentication server 
(218) does not locate a profile that includes data for identifying a second network 
resource in the manner required by Claim 1 . Fuh's authentication server (218) merely 
locates a profile that includes "authentication and authorization information on users." 
Fuh, col. 8, lines 24-37; see also col. 13. lines 44-54. 

Clearly the profile located by Fuh's authentication server (218) does not contain 
information for identifying Fuh's network service (222). It simply contains authentication 
and authorization information about a particular user (302) of client (316). 
Consequently, Fuh cannot teach or suggest: 

• supplying such a profile to the second network resource; or 

• receiving, from the second network resource, temporary credentials for 
accessing the second network resource and generated according to that profile. 

Moreover, any temporary credentials created according to Fuh's teachings are created 
by and stored and used locally by Fuh's router (222) in an authentication cache. Fuh 
does not teach or suggest providing temporary credentials to any other device as 
required by Claim 1 , 

For at least these reasons, Claim 1 is patentable over Fuh, as are Claims 2-5 
which depend from Claim 1 . 

Claim 6 is directed to a method for enabling an application server to access a 
data service and recites the following acts: 
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1 . the application server instructing a client to provide profile data to an 
identification service, the identification service having access to one or 
more profiles used to access one or more data services, the profile data 
identifying a particular profile; 

2. the identification service locating the particular profile using the profile 
data received from a client device, the profile containing data for 
identifying and for accessing the data service; 

3. the identification service providing the profile to the data service; 

4. the data service generating temporary credentials for accessing the data 
service identified by the particular profile; and 

5. the application server obtaining the temporary credentials and providing 
the data service with the temporary credentials to access the data service 
on behalf of the client 

As with Claim 1 , Fuh does not teach locating, providing, and using a profile that 
includes data for identifying a second network resource in the manner required by 
Claim 6. Instead Fuh teaches that a client (306) is used to pass a user name and 
password pair to an authentication server (218). That authentication server (218) 
returns to the router (222) data in a profile matching the user name/password pair. The 
router (222) stores that data in an authentication cache associated with an IP address 
for the client (31 6). The Examiner equates Fuh's authentication server (21 8) with the 
identification service of Claim 1. Even assuming the Examinees position as true, Fuh's 
authentication server (218) does not locate a profile that includes data for identifying a 
second network resource in the manner required by Claim 1 . Fuh's authentication 
server (218) merely locates a profile that includes "authentication and authorization 
information on users." Fuh, col. 8, lines 24-37; see also coL 13, lines 44-54. 

Clearly the profile located by Fuh's authentication server (218) does not contain 
information for identifying Fuh's network service (222). It simply contains authentication 
and authorization information about a particular user (302) of client (316). 
Consequently, Fuh cannot teach or suggest 
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• an Identification service locating the particular profile using the profile data 
received from a client device where the profile contains data for identifying and 
for accessing the data service; or 

• the data service generating temporary credentials for accessing the data service 
identified by the particular profile. 

Moreover, any temporary credentials created according to Fuh's teachings are created 
by and stored and used locally by Fuh's router (222) in an authentication cache. Fuh 
does not teach or suggest providing temporary credentials to any other device for any 
purpose let alone for the purpose of accessing that device on behalf of a client in the 
manner required by Claim 6. 

For at least these reasons, Claim 6 is patentable over Fuh, as are Claims 7-13 
which depend from Claim 6. 

Claim 14 is directed to a method for enabling an application server to access a 
data service and recites the following acts: 

1 . the application server receiving, from a client, a request to direct an 
application; 

2. the application server instructing the client to provide profile data to an 
identification service, the identification service having access to one or 
more profiles for identifying accessing one or more data services, the 
profile data identifying a particular profile; 

3. the identification service providing the data service with the particular 
profile identified by the profile data, the profile containing data for 
identifying and accessing the data service; 

4. the data service using the profile to generate temporary credentials for 
accessing the data service; and 

5. the application server providing the data service with the temporary 
credentials to access the data service on behalf of the client 

&W: 10/085,971 

19 Csse: 10013820-1 

Response to Office Action 

PAGE 21/32 * RCVD AT 7/13/2005 3:22:33 PM [Eastern Daylight Time] * SVR:USPT0-EFXRF-1/2 * DNIS:8729306 * CSID:208 433 9295 * DURATION (mm-ss):08-18 



JUL-T3-2005(KED) 13:26 



Ormiston & McKinney 



(FAX)208 433 9295 



P. 022/032 



As with Claim 6, Fuh does not teach or suggest an application server that provides a 
data service with the temporary credentials to access the data service on behalf of a 
client in the manner required by Claim 14. 

For at least this reason Claim 14 is patentable over Fuh as are Claims 15-20 
which depend from Claim 14. 

Claim 21 is directed to a computer readable medium having instructions for 
implementing the method steps similar to those of Claim 1 . For the same reasons 
Claim 1 is patentable, so are Claim 21 and Claims 22-25 which depend from claim 21 . 

Claim 26 is directed is directed to a computer readable medium having 
instructions for implementing the method steps similar to those of Claim 6. For the 
same reasons Claim 6 is patentable, so are Claim 26 and Claims 27-31 which depend 
from claim 26. 

Claim 44 is directed to a system for providing a first server with access to a 
second server and recites the following elements: 

1. an identification service in network communication with a credential 
module; 

2. the credential module operable to use a profile acquired by the 
identification service to generate temporary credentials for accessing the 
second server; 

3. the identification sen/ice being operable to receive profile data from a 
client, to acquire a profile identified by the profile data, and to provide the 
first server with the temporary credentials generated by the credential 
module^ 

4. the credential module and the identification, together being operable to 
provide the first server with the temporary credentials enabling the first 
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server to provide the second server with the credentials to access the 
second server on behalf of the client. 

Fuh does not teach or suggest that a credential module and an identification sen/ice 
that together can provide the first server with the temporary credentials enabling the 
first server to provide the second server with the credentials to access the second 
server on behalf of a client 

For at least this reason Claim 44 is patentable over Fuh as are Claims 45-48 
which depend from Claim 44. 

Claim 49 is directed to a system for accessing a data service and recites the 
following elements; 

1 . an identification service operable to receive profile data from a client 
identifying a particular profile and to provide that profile, the profile to 
contain electronic data used to identify the data service; 

2. a credential module operable to obtain the profile from the identification 
service, generate temporary credentials, and map those credentials to the 
data service identified by the profile; and 

3. an application server operable to serve an interface containing 
instructions to send profile data to the identification service, to obtain the 
temporary credentials, and to provide the data service with the temporary 
credentials to access the data service on behalf of the client. 

Fuh does not teach or suggest an application server that provides a data service with 
the temporary credentials to access the data service on behalf of a client in the manner 
required by Claim 49. 

For at least this reason Claim 49 is patentable over Fuh as are Claims 50-53 
which depend from Claim 14. 
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Claim Rejections -35 USC § 103: The Examiner rejected Claims 4, 1 1, 12, 19, 
30, 32-42, 51, 54-56, 58, and 59 as being unpatentable over Fuh in view of US Pub. 
2002/0049717 to Routtenberg. Claims 4, 1 1 , 12, 1 9, 30, and 51 each depend from an 
allowable base claim as clarified above. For at least the reasons Claims 1 , 6, 14, 26, 
and 49 are patentable, so are Claims 4, 1 1 , 1 2, 1 9, 30, and 51 . 

Claim 32 is directed to a computer readable medium having instructions for 

1 . generating an interface having user accessible controls for creating a 
profile for accessing a data service; 

2. creating a profile according to selections made through the interface the 
profile containing data for identifying and accessing the data service; 

3. providing a client device with profile data identifying a created profile; 

4. upon receiving profile data, retrieving a profile identified by the profile data 
received; 

5. generating temporary credentials for accessing the data service identified 
by the retrieved profile; and 

6. providing an application server with the temporary credentials for 
accessing the data service on behalf of the client device. 

Neither Fuh nor Rottenberg, alone or combined, teaches creating a profile according to 
selections made through the interface so that the profile contains data for identifying 
and accessing the data service. Furthermore, those references fail to teach or suggest 
generating temporary credentials for accessing the data service identified by the 
retrieved profile and then providing an application server with the temporary credentials. 
Any temporary credentials created or used according to Fuh and created and used 
locally by Fun's router (222) and never provided to an application server. 

For at least these reasons Claim 32 is patentable over Fuh and Rottenberg as 
are Claims 33-37 which depend from Claim 32. 
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Claim 38 is directed to a computer readable medium having instructions for: 

1 . generating a profile interface having user accessible controls for creating 
a profile for locating and accessing a data service; 

2. creating a profile according to selections made through the profile 
interface, the profile containing data for identifying and accessing the data 
service; 

3. providing a client with profile data identifying a created profile; 

4. receiving a request to access an application; 

5. instructing a client to send profile data; 

6. receiving the profile data; 

7. retrieving a profile identified by the profile data; 

8. generating temporary credentials for accessing a data service identified by 
the retrieved profile; and 

9. providing the data service with the temporary credentials to access the 
data service on behalf of the client. 

As with Claim 32, neither Fuh nor Rottenberg, alone or combined, teaches creating a 
profile according to selections made through the interface so that the profile contains 
data for identifying and accessing the data service. Furthermore, those references fail 
to teach or suggest generating temporary credentials for accessing the data service 
identified by the retrieved profile and then providing a data service with the temporary 
credentials. Any temporary credentials created or used according to Fuh and created 
and used locally by Fuh's router (222) and never provided to an application server. 

For at least these reasons Claim 38 is patentable over Fuh and Rottenberg as 
are Claims 39-43 which depend from Claim 38. 

Claim 54 is directed to a system for accessing a data service and recited the 
following elements: 
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1. an identification service operable to generate a profile interface having 
user accessible controls for creating a profile containing electronic data 
used to identify the data service, to create a profile using selections made 
through the profile interface, to issue instructions to store profile data used 
to access the created profile, to receive from a client profile data 
identifying a particular profile, and to provide that profile; 

2. a credential module operable to obtain the profile from the identification 
service, generate temporary credentials, and map those credentials to the 
data service identified by the profile; and 

3. an application server operable to serve an application interface that 
includes instructions to send profile data to the identification service, to 
obtain the temporary credentials, and to provide the data service with the 
temporary credentials to access the data service on behalf of the client 

Neither Fuh nor Rottenberg teaches or suggests an application server that provides a 
data service with the temporary credentials to access the data service on behalf of a 
client in the manner required by Claim 54. 

For at least this reason Claim 54 is patentable over Fuh and Rottenberg as are 
Claims 55-58 which depend from Claim 54. 

Claim 59 is directed to a system for accessing data and recites the following 
elements: 

1 . a means for generating a profile interface having user accessible controls 
for creating a profile containing electronic data used to identify a particular 
data service; 

2. a means for creating a profile using selections made through the profile 
interface; 

3. a means for issuing instructions to store profile data used to access the 
created profile; 
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4. a means for receiving, from a client, profile data identifying a particular 
profile; 

5. a means for providing tfie particular profile; 

6. a means for generating temporary credentials; 

7. a means for mapping the temporary credentials to the data service 
identified by the provided profile; 

8. a means for serving an application interface that includes instructions to 
send profile data to the identification service; 

9. a means for providing the data service with the temporary credentials to 
access the data service on behalf of the client; and 

10. a means for invalidating the temporary credentials 

Neither Fuh nor Rottenberg teaches or suggests an a means for providing the data 
service with the temporary credentials to access the data service on behalf of a client in 
the manner required by Claim 59. 

For at least this reason Claim 59 is patentable over Fuh and Rottenberg. 

Claim Rejections -35 USC § 103: The Examiner rejected Claims 11,12, and 
32-42, 51 , and 54-59 as being unpatentable over Fuh in view of USPN 6,453,353 
issued to Win. Claims 11 and 12 depend from Claim 6 and include all the limitations of 
that base Claim. For at least the same reasons Claim 6 is patentable, so are Claims 1 1 
and 12. Claim 51 depends from Claim 49 and includes all the limitations of that base 
Claim. For at least the same reasons Claim 49 is patentable, so is Claim 51 . 

Claim 32 is directed to a computer readable medium having instructions for 

1 . generating an interface having user accessible controls for creating a 
profile for accessing a data service; 

2. creating a profile according to selections made through the interface the 
profile containing data for identifying and accessing the data service; 
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3. providing a client device with profile data identifying a created profile; 

4. upon receiving profile data, retrieving a profile identified by the profile data 
received; 

5. generating temporary credentials for accessing the data service identified 
by the retrieved profile; and 

6. providing an application server with the temporary credentials. 

Neither Fuh nor Win, alone or combined, teaches creating a profile according to 
selections made through the interface the profile containing data for identifying and 
accessing the data service. Furthermore, those references fail to teach or suggest 
generating temporary credentials for accessing the data service identified by the 
retrieved profile and then providing an application server with the temporary credentials. 
Any temporary credentials created or used according to Fuh and created and used 
locally by Fuh's router (222) and never provided to an application server. 

For at least these reasons Claim 32 is patentable over Fuh and Win as are 
Claims 33-37 which depend from Claim 32. 



Claim 38 is directed to a computer readable medium having instructions for: 

1 * generating a profile interface having user accessible controls for creating 
a profile for locating and accessing a data service; 

2. creating a profile according to selections made through the profile 
interface, the profile containing data for identifying and accessing the data 
service; 

3. providing a client with profile data identifying a created profile; 

4. receiving a request to access an application; 

5. instructing a client to send profile data; 

6. receiving the profile data; 

7. retrieving a profile identified by the profile data; 
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8- generating temporary credentials for accessing a data service identified by 

the retrieved profile; and 
9. providing the data service with the temporary credentials to access the 

data service on behalf of the client 

As with Claim 32, neither Fuh nor Win, alone or combined, teaches creating a profile 
according to selections made through the interface the profile containing data for 
identifying and accessing the data sen/ice. Furthermore, those references fail to teach 
or suggest generating temporary credentials for accessing the data service Identified by 
the retrieved profile and then providing an application server with the temporary 
credentials. Any temporary credentials created or used according to Fuh and created 
and used locally by Fuh's router (222) and never provided to an application server. 

For at least these reasons Claim 38 is patentable over Fuh and Win as are 
Claims 39-43 which depend from Claim 38. 

Claim 54 is directed to a system for accessing a data service and recited the 
following elements: 

1. an identification service operable to generate a profile interface having 
user accessible controls for creating a profile containing electronic data 
used to identify the data service, to create a profile using selections made 
through the profile interface, to issue instructions to store profile data used 
to access the created profile, to receive profile data identifying a particular 
profile, and to provide that profile; 

2. a credential module operable to obtain the profile from the identification 
service, generate temporary credentials, and map those credentials to the 
data service identified by the profile; and 

3. an application server operable to serve an application interface that 
includes instructions to send profile data to the identification service, to 
obtain the temporary credentials, and to provide the data service with the 
temporary credentials to access the data service on behalf of a client 
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Neither Fuh nor Win teaches or suggests an application server that provides a data 
service with the temporary credentials to access the data service on behalf of a client in 
the manner required by Claim 64, 

For at least this reason Claim 54 is patentable over Fuh and Win as are Claims 
55-58 which depend from Claim 54. 

Claim 59 is directed to a system for accessing data and recites the following 
elements: 

1 . a means for generating a profile interface having user accessible controls 
for creating a profile containing electronic data used to identify a particular 
data service; 

2. a means for creating a profile using selections made through the profile 
interface; 

3. a means for issuing instructions to store profile data used to access the 
created profile; 

4. a means for receiving profile data identifying a particular profile; 

5. a means for providing the particular profile: 

6. a means for generating temporary credentials; 

7. a means for mapping the temporary credentials to the data service 
identified by the provided profile; 

8. a means for serving an application interface that includes instructions to 
send profile data to the identification service; 

9. a means for providing the data service with the temporary credentials to 
access the data service on behalf of a client; and 

1 0. a means for invalidating the temporary credentials 

Neither Fuh nor Win teaches or suggests an a means for providing the data service 
with the temporary credentials to access the data service on behalf of a client in the 
manner required by Claim 59. 

S/N: 10/086.971 

28 Case: 10013820-1 

Response to Office Action 

PAGE 30/32 1 RCVD AT 7/1 312005 3:22:33 PM [Eastern Daylight Time] * SVR:USPT0£ FXRF-1/2 * DNIS:8729306 * CSID:208 433 9295 ' DURATION (mm-ss):0S-18 



JU>1'3-2005(WED) 13:29 



Ormiston & McKinney 



(FAX)208 433 9295 



P. 031/032 



For at least this reason Claim 59 is patentable over Fuh and Win. 

Claim Rejections -35 USC § 103: The Examiner rejected Claims 13, 20, 31 , 43, 
52, 53, and 57 as being unpatentable over Fuh and Win in further view of a printed 
publication labeled as authored by Curtin. Each of these Claims depends from and 
includes limitations of an allowable base claim as previously argued. For the same 
reasons those base claims are allowable, so are Claims 3, 20, 31 , 43, 52, 53, and 57. 
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Conclusion: The foregoing is believed to be a complete response to the 
outstanding Office Action, Claims 1-59 are felt to be In condition for allowance. 
Consequently, early and favorable action allowing these claims and passing the 
application to issue is earnestly solicited. The foregoing is believed to be a complete 
response to the outstanding Office Action. 



Respectfully submitted, 
Gregory Eugene Perkins 
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